package com.cci.zkweb.core.services.impl;

import java.io.Serializable;

import com.cci.zkweb.core.entity.SessionItem;
import com.cci.zkweb.core.entity.User;
import com.cci.zkweb.core.services.AuthenticationService;
import com.cci.zkweb.core.services.UserInfoService;
import com.cci.zkweb.core.util.SessionUtils;

public class AuthenticationServiceImpl 
implements AuthenticationService, Serializable {
	private static final long serialVersionUID = 1L;

	UserInfoService userInfoService = new UserInfoServiceImpl();
	
	@Override
	public boolean login(String nm, String pd) {
		User user = userInfoService.checkUserCredential(nm, pd);

		// a simple plan text password verification
		if(user == null) {
			return false;
		}

		SessionItem item = new SessionItem(user, pd);
		SessionUtils.setSessionItem(item);

		// TODO handle the role here for authorization
		return true;
	}

	@Override
	public void logout() {
		SessionUtils.removeSessionItem();
	}

	@Override
	public SessionItem getUserSessionInfo() {
		SessionItem si = SessionUtils.getSessionItem();
		if(si == null) {
			si = new SessionItem();
			SessionUtils.setSessionItem(si);
		}
		return si;
	}
}
